Skip to content

APMarzuki/MalwareSandbox-Lite

Repository files navigation

🔒 CyberGuardian X - Unified Security Suite

Python License Platform

A comprehensive security analysis platform combining threat intelligence, digital forensics, network scanning, and system auditing in one unified interface.

🚀 Features

🔍 Threat Intelligence

  • Multi-source Lookups: IP, Domain, URL, File Hash analysis
  • API Integration: VirusTotal, AbuseIPDB, AlienVault OTX, URLScan, Shodan
  • Real-time Analysis: Live threat data from 5+ intelligence sources

📁 File Analysis & Sandbox

  • Static Analysis: PE parsing, entropy calculation, string extraction
  • Hash Generation: MD5, SHA1, SHA256
  • Multi-engine Scanning: Hybrid Analysis, MetaDefender, VirusTotal

🕵️ Digital Forensics Lite

  • Evidence Collection: System information, running processes, browser history
  • USB Device History: Registry-based USB artifact analysis
  • Automated Reporting: JSON evidence export

🌐 Network Security Tools

  • Network Discovery: Host discovery and ping sweeps
  • Port Scanning: Common service port detection
  • Service Detection: Banner grabbing and service identification

🛡️ System Security Audit

  • Startup Analysis: Auto-start program inspection
  • Service Enumeration: Windows service auditing
  • Security Assessment: Firewall status and system hardening checks

🛠️ Installation

Prerequisites

  • Python 3.8+
  • Windows 10/11 (Linux support in development)

Quick Start

# Clone repository
git clone https://github.com/APMarzuki/CyberGuardian-X.git
cd CyberGuardian-X

# Create virtual environment
python -m venv .venv
.venv\Scripts\activate  # Windows

# Install dependencies
pip install -r requirements.txt

# Configure API keys
copy config.ini.example config.ini
# Edit config.ini with your API keys

# Run application
python app.py

Dependencies
See requirements.txt for complete list:

requests>=2.28 - API communication

psutil>=5.9 - System information

tkinter - GUI framework

python-magic-bin - File type detection

🔧 Configuration
Get API keys from:

VirusTotal

AbuseIPDB

AlienVault OTX

URLScan

Shodan

Add keys to config.ini:

ini
[API_KEYS]
VIRUSTOTAL_API_KEY = your_key_here
ABUSEIPDB_API_KEY = your_key_here
OTX_API_KEY = your_key_here
URLSCAN_API_KEY = your_key_here
SHODAN_API_KEY = your_key_here
🎯 Usage Examples
Threat Intelligence
python
# IP Reputation Check
Lookup Type: ip
Value: 8.8.8.8

# File Hash Analysis  
Lookup Type: hash
Value: 44d88612fea8a8f36de82e1278abb02f
File Analysis
Drag & drop suspicious files for automated analysis

View PE headers, strings, entropy, and hash information

Cross-reference with multiple threat intelligence sources

Forensic Collection
One-click evidence gathering

Export comprehensive system snapshots

Browser artifact analysis

📁 Project Structure
text
CyberGuardian-X/
├── app.py                 # Main application launcher
├── requirements.txt       # Python dependencies
├── config.ini            # Configuration file
├── core/                 # Core functionality
│   ├── ti_engine.py      # Threat intelligence engine
│   ├── hash_utils.py     # Cryptographic functions
│   └── pe_parser.py      # PE file analysis
├── modules/              # Feature modules
│   ├── gui.py           # Main GUI interface
│   ├── scanner.py       # File scanning engine
│   ├── forensic_lite.py # Digital forensics
│   ├── net_scanner.py   # Network tools
│   └── system_audit.py  # Security auditing
├── apis/                # API clients
│   ├── vt_client.py     # VirusTotal
│   ├── otx_client.py    # AlienVault OTX
│   └── abuseipdb_client.py # AbuseIPDB
└── config/              # Configuration
    └── key_loader.py    # API key management
🤝 Contributing
We welcome contributions! Please see our Contributing Guidelines for details.

Fork the repository

Create a feature branch (git checkout -b feature/amazing-feature)

Commit your changes (git commit -m 'Add amazing feature')

Push to the branch (git push origin feature/amazing-feature)

Open a Pull Request

📄 License
This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments
VirusTotal for file reputation services

AlienVault OTX for open threat intelligence

AbuseIPDB for IP reputation data

URLScan.io for URL analysis

Shodan for network intelligence

📞 Support
Issues: GitHub Issues

Discussions: GitHub Discussions

CyberGuardian X - Your unified platform for comprehensive security analysis and threat intelligence.

text

### **3. Essential Repository Files**

**Create these files in your repository:**

**requirements.txt** (updated):
```txt
# Core Dependencies
requests>=2.28.0
psutil>=5.9.0
python-magic-bin>=0.4.24; sys_platform == "win32"
pillow>=10.0.0

# Optional (for enhanced features)
dnspython>=2.3.0
python-whois>=0.9.0
cryptography>=41.0.0
rich>=12.6.0
tldextract>=3.4.0

# Development
pyinstaller>=5.10.0

About

Unified Security + Forensics + Threat Intelligence Suite

Topics

Resources

Contributing

Stars

1 star

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors